I'm confused by the preliminary documentation on the OneNote dev blog. Does it mean that a Native App accessing has to use (compile in) a Client ID specific to an individual O365 subscription?
The implication being that an Commercial App would need recompiling for each different O365 customer. Is this the intention?
If so then this severely limits the utility of OneNote Api in O365.
I'm hoping that I've misunderstood, can anyone advise please?
Paul,
Apologies if we confused you with our initial preliminary docs. Definitely not the case. The app ID is relative to the O365 tenant that publishes the app, but you just flip over the switch to say it is a multi-tenant app for it to be able to be consumed by any tenant.
Related
We have a web application that occasionally receives web request that we detect as attempts to inject SQL code, from Google virtual servers (Compute Engine).
I was asked to find a way to identify who is responsible for said machines, so that we can take the corresponding legal actions on our part, or at least, confirm that Google shut down those servers.
What I need is to find a way to communicate with Google, by email or chat, but I haven't found information about it.
EDIT 1:
I have tried to communicate with Google to indicate the information I am looking for, but the only contact available in my case is with the billing department, which could not confirm that they will give me that information if I buy a technical assistance package. On the other hand, I understand that this package is to review requirements of the applications that you own, but in my case I am looking for legal information.
What was recommended to me was to enter the corresponding application in
https://support.google.com/code/contact/cloud_platform_report?hl=en
but I have not received a response for weeks.
I am disappointed in Google, especially because of the importance of computer security.
I will keep searching information.
You can find all information concerning Tech support, phone support and Chat support in your Google Cloud console. Also, this doc shows different supports based on your support role or package.
We recently submitted our Add-in for approval to be available on AppSource/Office Store and failed approval. Some of the feedback and policies make sense and we have addressed those items. However, there are a few policies that I'm not sure how to address and looking for guidance.
Policy 7.1 & 7.16 are about the supportURL not being publicly available and requiring Sign-in. Our add-in is not a general user add-in but targeted to Enterprise Customers of our Platform. They are provided a login for our support site so is this not sufficient? Do we really need a public url for an add-in targeted to Enterprise Customers?
As I was writing this I found the following link and wanted to make sure this was still valid and the same guidance for my scenario: App Submission - Help/Support Link Requirement
Policy 11.3 are about the Start-up experience needs to engage the user and show value proposition. Our users are Enterprise Users and have signed up for platform in which we will already guide them to use the Excel Add-in. Since they already know the value proposition from our sales team is there a way that this can be handled in our scenario without needing an explicit startup video or wizard walk through of app features?
Yes, this must be a public URL. The support link in your Seller Dashboard listing appears on the AppSource website so must be publicly available. It can be a link to your main website / or a contact page on your main website.
Have you seen the documentation on submitting Enterprise add-ins? This outlines which policies are not applicable when submitting an add-in which targets larger organizations and enterprises. It also explains how to declare, via test notes, that you are submitting an Enterprise add-in.
Project background: Building an API driven Learning Management System. The back-end system will be receiving data from multiple systems and interfaces: web, mobile, VR.
Looking at API Gateways to front our APIs. Preferably an Open Source API gateway but need to be sure that the support and service is available. Tried out Tyk.io and it feels like it might be the way to go. Been reading other StackOverflow threads around this and looks like TYK's gateway fairs quite well against the likes of Kong and WSO2.
Main areas of consideration for us are:
Rate-limiting
Open ID Connect authentication
Analytics
Scalability
Hybrid model of hosting - combination of on-prem and cloud depending on compliance requirements of educational institutes (Probably rules of AWS' gateway)
It would be really helpful if anyone who is using or has used TYK.io for their production projects can share their experience, especially for enterprise clients/projects.
Full disclosure: I work for Tyk, so of course think that Tyk is the best fit for your project ;)
Seriously, though - Tyk can do all those things you’re after. Here are some links to the documentation for each item that is big on your list:
Rate-limiting
Open ID Connect authentication
Analytics
Scalability
Hybrid model of hosting
You can also post on the Tyk community for help, if you haven’t already, or search to see what else others have said.
The Tyk Open Source API Gateway will do everything you need, even outputting analytics to difference sources, like ElasticSearch, Mongo or just CSV.
In addition, you can also use our API Management Platform to control your open source gateway. The Tyk API Management platform includes a Dashboard with analytics and out-of-the-box developer portal. Tyk is free to use, under a developer license, to manage a single gateway node, ideal if you are doing a POC.
Hope this helps and please keep in touch to let us know more about your use case.
I'm planning to build an application that runs on WEB(AngularJS), Android(Native), IOS(Native).
I have experience with MongoDB, but I found CouchBase which sounds really good for me.
I read documentation and I found out I need to use sync_gatway to sync my mobile databases with main database server and reverse, until now everything is fine.
I also need to use "channels" to share records with multiple users.
The problem comes when I need to implement this for web application.
In their documentation on "Working with web applications" they explain how "bucket shadowing" is working, but they also say:
Bucket shadowing is meant to enable sync for existing Couchbase Server
apps. If you are creating a new app with both mobile and web clients,
we recommend starting with the Sync Gateway REST APIs, and connecting
backend services using the Changes Worker Pattern.
After reading Sync Gateway REST API I found out I'm limited to facebook and persona authentication. So I can't use my own authentication mechanism?
Also, there is nothing specified in REST API about channels?
Is there any example project or more documentation about this? I couldn't find anything :(
If someone has experience with this, please explain how this works.
Thanks
There is also Custom (Indirect) Authentication available on Sync Gateway, which you can use for any type of auth you need.
But you have to hide Sync Gateway's Admin API under your backend layer.
As for the channels: it is responsibility of Sync Function to route different documents to necessary channels based on Document data.
Here is a good video that describes how to build production architecture around Couchbase Lite.
I'm probably late for the party - but as of today I'd recommend taking a look in the PouchDB project for the WEB AngularJS side - they match pretty well and will sync with Couchbase.
Regarding authentication, I just released an article on that topic, find it here. Hope this helps somebody
I know CAS and I understand how it works in web applications contexts; now my customer would like to have a SSO system able in managing several applications (both stand alone and web applications)
I saw the RESTful APIs provided by CAS; I'ld like to use these APIs in my scenario but I'm missing how to use them.
Now...let's suppose I have the following applications:
java swing application
visual basic application
web application (Java based)
What I would like to do is to use the CAS APIs in order to do a SSO so that an user logged on one of the previous applications must no more log in on the other. Is this possible? If so...how may I do it?
I guess that the first thing to do is to do the request for a CAS ticket but then....how can I share this ticket between applications? Is there any good way and/or best practice to follow?
Thank you
Angelo
I already replied on the CAS mailing list: https://groups.google.com/forum/?fromgroups#!topic/jasig-cas-user/yhTwvj6-Sko...